Extreme Networks

Product Lifecycle Manager – Security & Compliance Certifications

Extreme Networks

full-time

Posted on:

Origin:  • 🇺🇸 United States • California

Visit company website
AI Apply
Manual Apply

Job Level

SeniorLead

Tech Stack

CloudPMP

About the role

  • Lead and coordinate the full product lifecycle with a strong focus on security and compliance certifications for global markets.
  • Drive product certification initiatives from planning through execution for multiple compliance frameworks, including FedRAMP (Moderate and High), GovRAMP, ISMAP (Japan), SOC 2 (Type I & II), ISO 27001, ISO 27017, ISO 42001, Common Criteria, FIPS 140-3, and Germany C5.
  • Partner with engineering and security teams to design and implement controls that meet certification requirements.
  • Engage with third-party assessment organizations (3PAOs), auditors, and regulatory bodies.
  • Coordinate documentation, evidence collection, and audit readiness activities.
  • Perform continuous monitoring activities and track certification renewal timelines to ensure continuous compliance.
  • Evaluate changes in standards and regulations to assess their impact on product compliance.
  • Support go-to-market teams with certification-related customer requests and RFP responses.

Requirements

  • Bachelor’s degree in Information Security, Computer Science, Engineering, or related field (or equivalent experience).
  • 7+ years of product management or product lifecycle management experience, with at least 5 years focused on security compliance.
  • Proven track record managing multiple certifications simultaneously across diverse regulatory frameworks.
  • Strong understanding of cloud infrastructure, SaaS architectures, and security best practices.
  • Experience working directly with auditors, 3PAOs, and government assessment programs.
  • Excellent project management, communication, and stakeholder engagement skills.
  • Knowledge of certification frameworks: FedRAMP (Moderate and High); GovRAMP; ISMAP (Japan); SOC 2 (Type I & II); ISO 27001, ISO 27017, ISO 42001; Common Criteria; FIPS 140-3; Germany C5; data networking and wireless fundamentals.
  • PMP, CISM, CISSP, or similar certification (preferred).
  • Experience with global compliance frameworks beyond those listed (preferred).
  • Familiarity with automated compliance and GRC tools (preferred).
  • Prior experience in a high-security government or regulated industry environment (preferred).